CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

7.8CVSS8AI score0.00035EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:31 a.m.•5 views

CVE-2019-14074

u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice ...

7.8CVSS7.6AI score0.00035EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:49 a.m.•6 views

CVE-2019-10604

Possibility of heap-buffer-overflow during last iteration of loop while populating image version information in diag command response packet, in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9607,...

7.8CVSS7.1AI score0.00033EPSS

Exploits0References1

RedhatCVE•added 2025/02/06 3:16 a.m.•6 views

CVE-2021-35072

Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

7.8CVSS7.7AI score0.00098EPSS

Exploits0References1

NVD•added 2024/01/02 6:15 a.m.•19 views

CVE-2023-33014

Information disclosure in Core services while processing a Diag command...

7.6CVSS7.4AI score0.00077EPSS

Exploits0References1

Prion•added 2024/01/02 6:15 a.m.•17 views

Information disclosure

Information disclosure in Core services while processing a Diag command...

4.6CVSS7AI score0.00077EPSS

Exploits0References1

CVE•added 2024/01/02 5:38 a.m.•69 views

CVE-2023-33014

Technical details for CVE-2023-33014 are not publicly provided in the connected documents. The available entries mention information disclosure in Core services during a Diag command, but do not specify affected products/versions or a fix. Monitor for updates.

7.6CVSS6.5AI score0.00077EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/01/02 5:38 a.m.•14 views

CVE-2023-33014 Improper Input Validation in Services

Information disclosure in Core services while processing a Diag command...

7.6CVSS7.6AI score0.00077EPSS

Exploits0References1

Positive Technologies•added 2024/01/01 12:0 a.m.•2 views

PT-2024-12373 · Unknown · Coreservices

Name of the Vulnerable Software and Affected Versions: Core services affected versions not specified Description: The issue is related to information disclosure in Core services when processing a Diag command. Recommendations: At the moment, there is no information about a newer version that...

7.6CVSS6.7AI score0.00077EPSS

Exploits0References6

NVD•added 2023/12/05 3:15 a.m.•11 views

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators name...

7.8CVSS0.00062EPSS

Exploits0References1

NVD•added 2023/12/05 3:15 a.m.•13 views

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments...

7.8CVSS0.0006EPSS

Exploits0References1

CVE•added 2023/12/05 3:4 a.m.•66 views

CVE-2023-33018

CVE-2023-33018 describes a memory corruption in the Qualcomm UIM (User Identity Module) related to the diag command used to retrieve the operator’s name. The CVE is rated HIGH with a CVSS v3.1 base score of 7.8 (LOCAL attack vector, LOW attack complexity, LOW privileges required, no user interact...

7.8CVSS7.9AI score0.00062EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by